“What is the state of your industrial security program?”
That is the question being posed more and more during informed discussions about defense trade, particularly given today’s global marketplace of defense articles and defense-related technologies.
What is the state of your industrial security? How do we, as an ally, know trusted people are safely handling information sensitive to our national security? How do we know industrial facilities and research laboratories are secure from hostile interests or vindictive employees? How can we be sure intellectual property is protected—not only ours but your own? How robust and resilient are the cybersecurity programs of your defense-related companies large and small, and of your government—and are they aware of each other’s efforts and standards? And if security leaks, can we be sure you will inform us on a timely basis and correct the problem?
These are the questions that haunt today’s defense market place—and they have become increasingly acute for the government of Japan. It is widely recognized that Japan lacks a strong comprehensive IS program both in government and in industry.
Fortunately, the problem is far from insoluble. There are current efforts by multiple Japanese government agencies, including ATLA, NISC), METI, and the Cabinet Intelligence Research Office (CRIO).
On May 16, 2018 the Japanese Diet passed a law decreeing that companies doing business with the government must comply with the security guidelines outlined in 2013 Secrets Protection Act. JMOD’s defense contractors already must comply with these rules on a contractual basis, and the Japanese government has created an interagency uniform secret classification system in accordance with the same act. In addition, an effort is now underway to use the 2017 METI guidelines as a template for development of a future Japanese version of NISPOM—the document that oversees U.S.’s own industrial security procedures.
Nor from an historical point of view is Japan the only example of a country that has had to rapidly make up ground on the IS front. In the early 1980s, the U.S. faced enormous challenges when its NATO allies lost technology to the Soviets, endangering the future of the alliance (it was the need to monitor and deter critical technology transfers to the Soviets that led to the creation of DTSA itself). A decade later, thanks to U.S. encouragement and cooperation, the situation had changed and an important level of security equivalence had been achieved which has lasted until today— and which has been a foundation of U.S.-NATO defense industrial cooperation ever since.
A similar success story has been South Korea, where with U.S. help and encouragement the Seoul government has been able to transform Korea’s IS ecosystem from negative to positive in a relatively short time.
By starting with a strong comprehensive program that covers defense contractors within the purview of JMOD and ATLA, Japan can create IS protocols and mechanisms for application that can be expanded into a broad interagency approach.
Furthermore, it is imperative that the United States help Japan close this gap because the future of the alliance’s technology sharing, defense trade, and industrial cooperation hinges on it—as well as the future security of the region.